<?php
/*
+--------------------------------------------------------+
| GMapbook - A Guestbook base on Google Map API          |
| Support :  http://blog.codexpress.cn                   |
| Author  :  kukukuan (kukukuan@163.com)                 |
| Copyright (c) 2006                                     |
|--------------------------------------------------------+
*/
require_once("include/include.inc.php");
require_once("include/functions.php");

function randompassword(){
	$alphanum  = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
	return substr(str_shuffle($alphanum), 0, 8);
}


$success = false;

$code = isset($_GET["code"]) ? strval( $_GET["code"] ) : "";
if ( !$_SESSION['image_random_value'] || ($_SESSION['image_random_value']!==$code) ) {
	//echo "Your Verification Code is INVALID!";
	$_SESSION['image_random_value'] = false;
	echo 7;
	die();
}
if (isset($_GET['type']) && isset($_GET['email'])) {
	$password = randompassword();
	$currentdate = strftime('%Y年%m月%d日');
	$email = urldecode($_GET['email']);
	if (!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*$", $email) ) {
		//echo "Your Email address is INVALID!\nPlease verify it again!";
		echo 6;
		die();
	}
	if (($_GET['type'] == 'resuwen') && isset($_GET['uname'])){
		$uname = urldecode($_GET['uname']);
		$db = &new mysqldb($_DBNAME, $_DBHOST, $_DBUSER, $_DBPASS);
		if ($db->select_single_to_array('users','*',"WHERE email='$email'")) {
			$db->close();
			echo 1; //User Exists!
			die();
		} else {
			if ($uid = $db->insert('users', array( 'uname'=>$uname, 'upass'=>md5('happy new year!'), 'upass2'=>md5($password), 'email'=>$email, 'regtime'=>strftime('%y-%m-%d %H:%M:%S') ))) {
				$db->close();
			} else {
				$db->close();
				//echo "DB ERROR!";
				echo 3;
				die();
			}
		}
		$emailtitle = 'GMapbook新用户注册';
		$emailbody = "<p>尊敬的$uname</p><p style='text-indent:20px'>您好！欢迎使用GMapbook留言本。您的留言本位于<a href='http://gmapbook.gmap2.net/?uid=$uid' target='_blank'>http://gmapbook.gmap2.net/?uid=$uid</a>。从现在开始，您就可以使用该链接访问留言本了。您可以在网页中使用该链接，或者和我一样利用iframe直接将该留言本嵌入网页（见这里<a href='http://blog.gmap2.net/' target='_blank'>http://blog.gmap2.net/</a>）。</p><p style='text-indent:20px'>不过，目前您的留言本尚处于<strong>未激活状态</strong>。请您在<strong>3日内</strong>用你的帐号和随机密码<strong>$password</strong>登陆<a href='http://gmapbook.gmap2.net/?uid=$uid' target='_blank'>http://gmapbook.gmap2.net/?uid=$uid</a>激活帐号，否则您的帐号将被删除。</p><p>&nbsp;</p><p><strong>您的用户信息</strong></p><p>EMail帐号： $email</p><p>用户昵称： $uname</p><p>随机密码： $password</p><p>留言本地址（登陆入口）： <a href='http://gmapbook.gmap2.net/?uid=$uid' target='_blank'>http://gmapbook.gmap2.net/?uid=$uid</a></p><p>使用帮助： <a href='http://gmapbook.gmap2.net/help.html' target='_blank'>http://gmapbook.gmap2.net/help.html</a></p><p>&nbsp;</p><p style='text-align:right'>GMapbook留言本系统</p><p style='text-align:right'>$currentdate</p>";
	} elseif ($_GET['type']== 'drowssaptsol') {
		$db = &new mysqldb($_DBNAME, $_DBHOST, $_DBUSER, $_DBPASS);
		$userinfo = $db->select_single_to_array('users','*',"WHERE email='$email'");
		if (!$userinfo) {
			$db->close();
			echo 2; //User Exists!
			die();
		} else {
			$uid = $userinfo['uid'];
			$uname = $userinfo['uname'];
			if ($db->update('users',array('upass2'=>md5($password)),"WHERE email='$email'")) {
				$db->close();
			} else {
				$db->close();
				echo 3;
				die();
			}
		}
		$emailtitle = 'GMapbook密码重置';
		$emailbody = "<p>尊敬的$uname</p><p style='text-indent:20px'>您好！您收到本邮件是因为有人在<a href='http://gmapbook.gmap2.net' target='_blank'>http://gmapbook.gmap2.net</a>申请取回密码。</p><p style='text-indent:20px'>如果该申请并非您发送，请忽略本邮件，并使用<strong>原密码</strong>登陆。如果您忘记密码，请使用以下信息登陆。</p><p>&nbsp;</p><p><strong>您的用户信息</strong></p><p>EMail帐号： $email</p><p>用户昵称： $uname</p><p>随机密码： $password</p><p>留言本地址（登陆入口）： <a href='http://gmapbook.gmap2.net/?uid=$uid' target='_blank'>http://gmapbook.gmap2.net/?uid=$uid</a></p><p>使用帮助： <a href='http://gmapbook.gmap2.net/help.html' target='_blank'>http://gmapbook.gmap2.net/help.html</a></p><p>&nbsp;</p><p style='text-align:right'>GMapbook留言本系统</p><p style='text-align:right'>$currentdate</p>";
	} else {
		echo 5; //Illegal request!
		die();
	}
	
	if (sendbygmail($email, $uname, $emailtitle, $emailbody, '')) {
		echo 0;  //success
	} else {
		echo 4;  //email sending fail
	}
	
} else {
	echo 5;  //Illegal request!
}
?>
